From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 407AD138330 for ; Thu, 15 Sep 2016 08:17:16 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 130F4E0B6D; Thu, 15 Sep 2016 08:17:13 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B6625E0B6D for ; Thu, 15 Sep 2016 08:17:12 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 52E4F3409EC for ; Thu, 15 Sep 2016 08:17:11 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 624492479 for ; Thu, 15 Sep 2016 08:17:09 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <1473927412.e3d0d8a52726496069257e1f83e437183468aa7e.blueness@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/curl/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/curl/Manifest net-misc/curl/curl-7.50.3.ebuild X-VCS-Directories: net-misc/curl/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: e3d0d8a52726496069257e1f83e437183468aa7e X-VCS-Branch: master Date: Thu, 15 Sep 2016 08:17:09 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 1fb8292a-81f6-453f-8170-1cab6e16a07b X-Archives-Hash: c96fcc8b7ff1607fdd0285b554bb903f commit: e3d0d8a52726496069257e1f83e437183468aa7e Author: Anthony G. Basile gentoo org> AuthorDate: Thu Sep 15 08:15:49 2016 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Thu Sep 15 08:16:52 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e3d0d8a5 net-misc/curl: version bump to 7.50.3, CVE-2016-7167, bug #593716 Package-Manager: portage-2.2.28 net-misc/curl/Manifest | 1 + net-misc/curl/curl-7.50.3.ebuild | 254 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 255 insertions(+) diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 237e9af..18c88bd 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -3,3 +3,4 @@ DIST curl-7.49.1.tar.bz2 7459866 SHA256 eb63cec4bef692eab9db459033f409533e6d10e2 DIST curl-7.50.0.tar.bz2 7465962 SHA256 608dfe2db77f48db792c387e7791aca55a25f0b42385707ad927164199ecfa9a SHA512 f431c9895d260ef77dcff29e868c8d5180800d12f2bd89da8942422cec454432717e6ede6484d6b6711cb2bdd85e7e8f6ae23c59fd1f5b69acd569570c8efdd8 WHIRLPOOL ce677f42ce608340857dbe9cb6b5fc890eac535ebadd484dfd4291a2ffd031a111faf1f916a200e91ab9c6fd5755175efea1835321c20a0cb0743eaccf9305cc DIST curl-7.50.1.tar.bz2 7464809 SHA256 3c12c5f54ccaa1d40abc65d672107dcc75d3e1fcb38c267484334280096e5156 SHA512 94acd91fcf8ff2605e1ba2d086c2c366257b61eaf516b9ea44e574e315feb5b30f6e47d89051f259e026ef5dd9edde5f7b15a6af9ee6a38f641da354e1e677b1 WHIRLPOOL 437da96eb708a4822db77d27a0bf015b33e51105892c63d47b4fafe0e446ee03a7e580d1a519633d1b43bc5703adeb14399f8bdfc563c841be76892a7d00888f DIST curl-7.50.2.tar.bz2 7477028 SHA256 0c72105df4e9575d68bcf43aea1751056c1d29b1040df6194a49c5ac08f8e233 SHA512 5db4fba920f1627e545ddf774ceaafe3afce43c85aaa8aa7842337fe6cbc031aa597d9d80457c5d52bc7a0c218de30bb29802383e1d81e3f220186212dade342 WHIRLPOOL ff1034c19835168f1ad94a957bbcbec500f0a269b97951d66e4ec220a04b50386fedb971ee6a9331b920a55de781df3249a3d94e9764d1db2029cc77296bf0a2 +DIST curl-7.50.3.tar.bz2 7478393 SHA256 7b7347d976661d02c84a1f4d6daf40dee377efdc45b9e2c77dedb8acf140d8ec SHA512 59012f0d9abd38d00e0b2db0cd5d8b513c08000354d31e7318007b688dc1eb71a0ac71a13acd40b0becc6199299091697b448d2e6895f90e103a23cd23f7f621 WHIRLPOOL 90d45150dd82433d29ac3eeaab1ed3a58a8e6ca20b41039a9988d4a73ceaf5b11b5b9c7ba7c9cce05e13056350691d80e52f5c12ae11ac7ffa91e32d56e0c056 diff --git a/net-misc/curl/curl-7.50.3.ebuild b/net-misc/curl/curl-7.50.3.ebuild new file mode 100644 index 00000000..6224b8e --- /dev/null +++ b/net-misc/curl/curl-7.50.3.ebuild @@ -0,0 +1,254 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit autotools eutils prefix multilib-minimal + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.haxx.se/" +SRC_URI="https://curl.haxx.se/download/${P}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads" +IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl" +IUSE+=" elibc_Winnt" + +#lead to lots of false negatives, bug #285669 +RESTRICT="test" + +RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) + ssl? ( + curl_ssl_axtls? ( + net-libs/axtls[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + curl_ssl_gnutls? ( + net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:0=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + curl_ssl_libressl? ( + dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}] + ) + curl_ssl_mbedtls? ( + net-libs/mbedtls:0=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + curl_ssl_openssl? ( + dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}] + ) + curl_ssl_nss? ( + dev-libs/nss:0[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + curl_ssl_polarssl? ( + net-libs/polarssl:0=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + ) + http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) + idn? ( net-dns/libidn:0[static-libs?,${MULTILIB_USEDEP}] ) + adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] ) + sys-libs/zlib[${MULTILIB_USEDEP}] + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r13 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + )" + +# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 +# rtmp? ( +# media-video/rtmpdump +# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) +# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) +# ) + +# ssl providers to be added: +# fbopenssl $(use_with spnego) + +DEPEND="${RDEPEND} + >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] + test? ( + sys-apps/diffutils + dev-lang/perl + )" + +# c-ares must be disabled for threads +# only one ssl provider can be enabled +REQUIRED_USE=" + curl_ssl_winssl? ( elibc_Winnt ) + threads? ( !adns ) + ssl? ( + ^^ ( + curl_ssl_axtls + curl_ssl_gnutls + curl_ssl_libressl + curl_ssl_mbedtls + curl_ssl_nss + curl_ssl_openssl + curl_ssl_polarssl + curl_ssl_winssl + ) + )" + +DOCS=( CHANGES README docs/FEATURES docs/INTERNALS.md \ + docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE.md ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/curl/curlbuild.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/curl-config +) + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-7.30.0-prefix.patch \ + "${FILESDIR}"/${PN}-respect-cflags-3.patch \ + "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch + + sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 + + epatch_user + eprefixify curl-config.in + eautoreconf +} + +multilib_src_configure() { + einfo "\033[1;32m**************************************************\033[00m" + + # We make use of the fact that later flags override earlier ones + # So start with all ssl providers off until proven otherwise + local myconf=() + myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) + myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) + if use ssl ; then + if use curl_ssl_axtls; then + einfo "SSL provided by axtls" + myconf+=( --with-axtls ) + elif use curl_ssl_gnutls; then + einfo "SSL provided by gnutls" + myconf+=( --with-gnutls --with-nettle ) + elif use curl_ssl_libressl; then + einfo "SSL provided by LibreSSL" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + elif use curl_ssl_mbedtls; then + einfo "SSL provided by mbedtls" + myconf+=( --with-mbedtls ) + elif use curl_ssl_nss; then + einfo "SSL provided by nss" + myconf+=( --with-nss ) + elif use curl_ssl_polarssl; then + einfo "SSL provided by polarssl" + myconf+=( --with-polarssl ) + elif use curl_ssl_openssl; then + einfo "SSL provided by openssl" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + elif use curl_ssl_winssl; then + einfo "SSL provided by Windows" + myconf+=( --with-winssl ) + else + eerror "We can't be here because of REQUIRED_USE." + fi + else + einfo "SSL disabled" + fi + einfo "\033[1;32m**************************************************\033[00m" + + # These configuration options are organized alphabetically + # within each category. This should make it easier if we + # ever decide to make any of them contingent on USE flags: + # 1) protocols first. To see them all do + # 'grep SUPPORT_PROTOCOLS configure.ac' + # 2) --enable/disable options second. + # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort + # 3) --with/without options third. + # grep -- --with configure | grep Check | awk '{ print $4 }' | sort + ECONF_SOURCE="${S}" \ + econf \ + --enable-crypto-auth \ + --enable-dict \ + --enable-file \ + --enable-ftp \ + --enable-gopher \ + --enable-http \ + --enable-imap \ + $(use_enable ldap) \ + $(use_enable ldap ldaps) \ + --disable-ntlm-wb \ + --enable-pop3 \ + --enable-rt \ + --enable-rtsp \ + $(use_enable samba smb) \ + $(use_with ssh libssh2) \ + --enable-smtp \ + --enable-telnet \ + --enable-tftp \ + --enable-tls-srp \ + $(use_enable adns ares) \ + --enable-cookies \ + --enable-hidden-symbols \ + $(use_enable ipv6) \ + --enable-largefile \ + --without-libpsl \ + --enable-manual \ + --enable-proxy \ + --disable-soname-bump \ + --disable-sspi \ + $(use_enable static-libs static) \ + $(use_enable threads threaded-resolver) \ + --disable-versioned-symbols \ + --without-cyassl \ + --without-darwinssl \ + $(use_with idn libidn) \ + $(use_with kerberos gssapi "${EPREFIX}"/usr) \ + $(use_with metalink libmetalink) \ + $(use_with http2 nghttp2) \ + $(use_with rtmp librtmp) \ + --without-spnego \ + --without-winidn \ + --with-zlib \ + "${myconf[@]}" + + if ! multilib_is_native_abi; then + # avoid building the client + sed -i -e '/SUBDIRS/s:src::' Makefile || die + sed -i -e '/SUBDIRS/s:scripts::' Makefile || die + fi + + # Fix up the pkg-config file to be more robust. + # https://github.com/curl/curl/issues/864 + local priv=() libs=() + # We always enable zlib. + libs+=( "-lz" ) + priv+=( "zlib" ) + if use http2; then + libs+=( "-lnghttp2" ) + priv+=( "libnghttp2" ) + fi + if use curl_ssl_openssl; then + libs+=( "-lssl" "-lcrypto" ) + priv+=( "openssl" ) + fi + grep -q Requires.private libcurl.pc && die "need to update ebuild" + libs=$(printf '|%s' "${libs[@]}") + sed -i -r \ + -e "/^Libs.private/s:(${libs#|})( |$)::g" \ + libcurl.pc || die + echo "Requires.private: ${priv[*]}" >> libcurl.pc +} + +multilib_src_install_all() { + einstalldocs + prune_libtool_files --all + + rm -rf "${ED}"/etc/ +}